As a law firm, GWK LAW Ltd, Effingerstrasse 17, P.O. Box, CH-3001 Berne, Switzerland, (hereinafter “we”) necessarily processes your personal data. We process your personal data in accordance with the provisions of the Swiss Data Protection Act (hereinafter referred to as “DSG”) and, if applicable, the European General Data Protection Regulation (hereinafter referred to as “GDPR”) and strictly observe the duty of confidentiality. Unless otherwise notified, we process your personal data as data controllers. We use technical and organisational security measures to adequately protect personal data against unauthorised access, manipulation, loss and deletion and check these measures regularly. This privacy policy describes how we process and use the personal data collected from you.

1. What personal data do we collect?
“Personal Data” is information that relates to you or that we can otherwise associate with you. Personal Data that we collect includes the following: Company name, first and last name, title, registered office, postal address, email address, telephone and fax numbers, date of birth, banking information, employment information, income information, family information, health information, current criminal, civil and administrative proceedings and any information you disclose to us or we otherwise obtain pursuant to Section 2. Data processing includes all steps in the handling of personal data from collection, storage and use to deletion. When you access our websites, the following data is stored in log files: IP address, date, time, browser request and general information transmitted to the operating system or browser.
If clients provide us with personal data via a third party (e.g. via your employees or other contact persons), it is up to the client to inform them in a general way about the processing by legal service providers (such as us) or other external service providers (e.g. in a privacy policy for employees).

2. How do we process your personal data?
We collect personal data (data that directly or indirectly identifies natural persons) that you have voluntarily provided to us when, for example, (i) you contact us and provide us with information (e.g. name and contact information, as well as information about your role with the company or organization for which you serve as the respective contact person or on whose behalf you contact us) and request services; (ii) when you instruct third parties to provide us with information; (iii) when you ask us to send you communications or newsletters; (iv) we receive or collect ourselves in the course of the client-attorney relationship, i.e., consulting and advocacy engagements from clients or third parties involved.
In general, we also collect personal data in our practice (i) from publicly accessible sources such as public registers (commercial register, debt collection register, land register, civil status register), the press, the Internet, etc. (ii) from counterparties, authorities, courts, arbitration tribunals or other third parties involved or connected to the provision of the services.
Furthermore, we use tracking technologies such as cookies to collect information such as the above and to better understand how visitors use our websites. These technologies help us manage our websites and improve their user experience. For example, we can tell if your computer has connected to us before and see which areas of our websites are used most often.

3. For what purpose do we process your personal data?
We need your personal data primarily to provide, document and bill you for legal services (e.g. legal opinions, legal briefs) and to (i) comply with our legal obligations; (ii) administer the websites and ensure error-free provision of our websites; (iii) enter into or perform contracts with you; (iv) transfer data to third-party providers, e.g. to correspondent lawyers of our national and international network; (v) in connection with other activities, namely lectures, teaching and publications; (vi) contractual obligations. (v) in connection with other activities, namely lecturing, teaching and publishing; (vi) contractual obligations; (vii) other legitimate interests of GWK LAW AG; and (viii) to send you newsletters and other information.
GWK LAW AG has an overriding private interest in the processing of Personal Data within the scope of fulfilling the mandate of the client, which justifies such processing (Art. 31 para. 2 let. a DSG).

4. To whom do we share your information?
In order to achieve the purposes described in this Privacy Policy, it may be necessary for us to disclose Personal Data to the following categories of recipients: External service providers, clients, counterparties and their legal representatives, business partners with whom the provision of legal services may need to be coordinated (e.g., IT service providers, correspondent attorneys), and public authorities and courts. Which personal data we disclose to the relevant authorities and courts within the scope of legal services is at the discretion of the acting lawyer, according to the case law of the Federal Supreme Court.

5. How do we use cookies?
Cookies are used on our websites. Cookies are small text files that are stored on the website visitor’s end device. They save how our website is used and serve to make our offer more user-friendly, more effective and safer and do not cause any damage on your device.
You can set your browser to inform you when cookies are set, to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when the browser is closed. However, if you deactivate cookies, the functionality of our websites may be limited or excluded. Cookies, which are necessary for the electronic communication process or for the provision of certain functions desired by you, can be stored. It is recommended that you disable third-party cookies, enable tracking protection and use “do not track”. For further information, please refer to the help function of your browser.

6. How do we use social media plug-ins?
The website may contain links to third-party websites, goods and services. Information collected by third parties, including location data or contact information, is subject to their respective privacy policies. We encourage you to review the privacy policies of these third parties. This privacy policy does not apply to third-party websites that can be accessed through our websites. We have no influence on how these companies meet the data protection requirements.
6.1 Instagram Plug-In
Plug-ins from Instagram are integrated on our websites. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize the Instagram plug-ins by the Instagram logo. When you visit our websites, the plug-in establishes a direct connection between your browser and the Instagram/Facebook server. Facebook thereby receives the information that you visit our websites with your IP address. We have no knowledge of the content of the transmitted data or its use by Facebook. You can find further information in the Instagram privacy policy. If you do not want Facebook to be able to assign visits to our websites to your Instagram user account, please log out of your Instagram user account.

6.2 LinkedIn Plug-In
Plug-ins from LinkedIn are integrated on our websites. Provider is LinkedIn Ireland Unlimited Company, Gardner House, Wilton Place, Dublin 2, Ireland. You can recognize LinkedIn plug-ins by the LinkedIn logo on our websites. By clicking on the LinkedIn buttons, the plug-in establishes a direct connection between your browser and the LinkedIn server. LinkedIn receives information that you have visited our websites along with your IP address. LinkedIn may use data collection, syndication analysis and other similar tools to track, extract, compile and analyze any data or information that results from the use of the plug-in. Please see LinkedIn’s privacy policy for more information.

7. Google Analytics
We use Google Analytics, a web analysis service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter «Google»). Google Analytics uses cookies that enable website usage to be analysed. The information generated by the cookie as a result of your use of the website is sent in anonymised form to a Google server in the USA where it is stored. Thanks to anonymisation, this data cannot be assigned to any specific person. Google will use this information to evaluate your use of the website, to compile reports about user activities and to provide additional services related to use of the website and Internet usage. Google will transfer this information to third parties, where appropriate, insofar as this is required by law or where third parties process this data on behalf of Google.
You can prevent the data that is generated by the cookie and is based on your use of the website (including your IP address) from being transferred to Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Google also processes your data in the U.S. and has committed to applying the principles of the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework. Further information about data processing by Google is provided in Google’s Privacy Policy: http://www.google.de/intl/en/policies/privacy.

9. Google Maps
This website uses the services of Google Maps. This allows us to display interactive maps directly on the website and enables you to conveniently use the map function.
When you visit the website, Google receives the information that you have accessed the corresponding sub-page of our website. The data listed in the section “Processing of data on the website/application and legal basis for processing” are transferred as well. This happens regardless of whether Google provides a user account that you are logged in with or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as user profiles and uses them for purposes of advertising, market research and/or customising the design of its website. Such analysis takes place in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social media network about your activities on our website. You have the right to object to the creation of these user profiles, but to do so you must contact Google.
For more information about the purpose and scope of data collection and its processing by the plugin provider, please refer to the respective provider’s privacy policy. There you will also find further information about your rights in this regard and options for setting your privacy preferences: http://www.google.de/intl/en/policies/privacy. Google also processes your data in the U.S. and has committed to applying the principles of the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

9. Why do we process your personal data and on what justification?
We process your personal data for the conclusion and fulfilment of a contract or a legal obligation (Art. 4 para. 3 and 13 para. 2 lit. a DSG, Art. 6 para. 1 lit. b and c GDPR) and for communication purposes on the basis of your consent at the time of the collection of your personal data (Art. 4 para. 5 DSG, Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time.

10. How long do we keep your personal data?

We process and store your personal data for as long as it is necessary for the fulfillment of our contractual and legal obligations or the purposes stated in section 3 (for example, the defense of liability claims until the absolute statute of limitations). We store personal data for the duration of our entire business relationship and thereafter, as a rule, for ten years in order to fulfill the statutory retention obligations and to be able to document our legitimate interests.

Decisive for the duration of the retention of client data are, among others, the following legal regulations:

• Pursuant to Art. 11 of the Cantonal Lawyers Act (KAG) of the Canton of Bern, lawyer files (client files) must be kept for ten years;
• Pursuant to Art. 958 f. OR, business books and accounting vouchers (e.g. invoices to clients) must be kept for ten years;
• Pursuant to Art. 127 OR, claims arising from breach of contractual obligations (e.g. expert orders and attorney mandates) become time-barred after ten years.

11. Data security
We have taken appropriate technical and organizational measures to protect your personal data against loss and unauthorized access.
All (client) data is processed on the cloud solution Microsoft 365 as well as Vertec, which are operated on servers with locations in Switzerland.
GWK LAW AG, as the operator of this website, disclaims any responsibility for the data protection compliance of third-party websites linked to its website. The use of external links from the website is at the user’s own risk.

12. Your rights
In particular, data subjects have the right to obtain information about the personal data processed about them and the purpose of the data processing (Art. 25 DSG), the right to have their personal data corrected and to have it deleted or restricted (Art. 32 DSG), the right to object to the processing, the right to take legal action before a competent supervisory authority (Federal Public Information and Data Protection Commissioner, EDÖB), and the right to have the personal data they have submitted handed over or transferred (Arts. 28 and 29 DSG). It should be noted that conditions and exceptions apply to these rights. To the extent legally permissible or necessary, GWK LAW AG may refuse requests to exercise these rights. In addition, personal data may have to continue to be stored or processed despite requests to delete or restrict processing for legal reasons. To exercise these rights, please contact us at the address below and submit proof of your identification.
In the case of requests concerning the exercise of rights by the data subject, the principles governing the processing of personal data of clients (cf. section 2 above) apply to the processing of personal data.
If you do not agree with our data processing, please inform us accordingly. You also have the right to report this to the Federal Data Protection and Information Commissioner and/or the competent supervisory authorities in the EU.

13. Communication channels and security
We cannot guarantee the confidentiality of electronic communication channels, especially e-mail. The Internet, websites and the electronic transmission of data are generally regarded as insecure in terms of confidentiality and data security. Unauthorized third parties could access information exchanged via the aforementioned channels, and data could be damaged or its contents altered. We accept no liability for the security of electronically transmitted data. We recommend that you encrypt your e-mails.

We assume that individuals who communicate with us via email are comfortable with this method of communication and thus consent to our use of email to respond to inquiries.

14. How can you contact us?
Please contact us if you have any questions about this privacy policy. The overall responsibility for data protection at GWK LAW AG lies with Martin Klaus personally. Data subjects may contact us in writing regarding data protection issues at the following addresses (telephone inquiries regarding data protection will not be handled):
GWK LAW AG
Effingerstrasse 17
P.O. Box
CH – 3001 Bern
gwk@gwk-law.ch
UID: CHE-233.418.264
Registered in the Commercial Register of the Canton of Bern

We reserve the right to adapt this privacy policy at any time. The current version of the privacy policy published on this website applies in each case.